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READER 



@ Means for identification and exchange of encryption ksys. 



@ The invention relates to a means for identifi- 
cation and exchange of encryption keys be- 
tween communicating apparatuses for 
encrypted transmissions. The means comprises 
a card reader for smart cards connected to the 
GomnHjnication apparatus which may be a tele- 
communication apparatus, e.g. of telephone or 
facsimile type. The reader can communicate 
with another reader at a called telecommuni- 
cation apparatus. For identification and 
exchange of encryption keys the required cal- 
Gulatbns are performed by the reader or the 
smart card using data stored on the smart card 
in a protected f^d with limited access. The 
means enable lntercommunicatk>n between 
products of different makes owing to a standard 
klentiTication prcx»dure and exchange of en- 
cryptk)n keys. 
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FIELD OF THE iNVEtmON 

The present invention relates to means for iden- 
tification and exchange of encryption keys between 
two communicating apparatuses for encrypted trans- 
missions, comprising readers connected to the conrv 
munication apparatuses. Each reader contains a 
reader unit which together with software is capable of 
handling smart cards. The reader can communicate 
with another reader In the other communication ap- 
paratus. The means includes a built-in keyt>oard for 
inputting of data. 

STATE OF THE ART 

Existing products for encryptk)n, facsimile appa- 
ratuses, telephone, etc., often follow standards with 
respect to communication and algorithms, but ex- 
clude intercommunlcatk>n between two products of 
different makes. A cheap accessory for these and 
new products would enable different makes to Inter- 
communicate through a standard identifk:atbn pro- 
cedure and exchange of encryption keys. In addition, 
modern smart cards may be used in the procedures 
enabling strong algorithms and enhanced security. 

SUMMARY OF THE INVENTION 

The present invention provkJes a nneans for kien- 
tif ication and exchange of encryptk>n keys between 
two communk^ating apparatuses for encrypted trans- 
missions. According to the invent k>n a reader for 
smart cards is connected to each communication ap- 
'patdtus. The required calculatkins are performed by 
the readeror the smart card using data stored on the 
smart card in a proctected field with limited access. 

Preferably the communicatbn apparatus is a fao- 
simile apparatus or a telephone. 

Further embodiments of the invention are set 
forth in detail in the accompanying danms. 

BRIEF DESCRIPTION OF THE DRAWINGS 

The inventk)n will now be described in detail with 
reference to the accompanying drawings in which the 
figure is a block diagram of the;means according to 
the invention connected in a network. 

DETAILED DESCRIPTION OF THE PREFERRED 
EMBODIMENTS OF THE INVENTION 

In the figure the means according to the inven- 
tion is shown connected in a network, e.g. a teleconv 
municatk>n system. Between the external apparatus- 
es exist encrypted traffic. The external apparatuses 
may be telephone orfacsimile apparatuses. For kien- 
tif ication and exchange of encryption keys two card 
readers are used comnuinicating with each other. As 



a basis for the identif icatton two smart cards are used 
which means that the identification is performed by 
the card (and its owner) and that the reader as such 
does not contain anything conf kjential. 

5 The reader may be connected in parallell with a 

telephone to an ordinary telephone jack via a stan- 
dard intermediate plug (not shown). The reader con- 
tains a reader unit that, together with software func- 
tk>ns, is capable of handling smart cards. The reader 

10 can communicate through dual-tone multifirequency 
(DTMF) signalling or using a modem. In additkm, it 
has a built-in keyboard for data input The control of 
the reader is performed through anyone of the two 
communication channels available, using DTMF sig- 

15 nailing or modem. 

It is also possible to intergrate the telecommunt- 
catk>n apparatus and the card reader into a unit In 
this case the unit has a single keyboard and a slot for 
inserting the smart card. 

20 The reader is controlled by a central unit It is an 
eight bit central processing unit built for maximal inte- 
gration of the function of the card reader directly in 
the central unit The central unit is made with CMOS 
technology warranting a low current consumptk>n. In- 

25 ternally there is random excess memory RAM having 
256 bytes which is sufficient for the functions to be 
performed by the reader. The machine code may be 
stored in a programmable read-only menfx>ry PROM 
or mask programmed directly in the central unit to 

30 minimize the current consumption and the price. 

The card reader is equipped with a bu9t-in key- 
board containing 12 keys: the digits 0-9 and the char- 
acters * and #. The appearance corresponds to key- 
boards of ordinary telephones. The keyboard is con- 
as nected directly to the central unit eliminating the risk 
of leakage of input infornrmtion. 

The reader unit as such is intended for nrKHjnting 
directly on the circuit board whk:h is important to min- 
imize the overall size and price of the constructk>n. 

40 The reader unit is adapted for handling all smart cards 
in the market The reader unit is totally passive and 
is only a link between the card and the central unit 
Via the reader unit the central unit can conununicate 
with the card and assist with current supply and 

45 dock. Various supply voltages and ck>ck frequencies 
are supplied to the card in dependence of which card ' 
is connected. 

The basic communicatk>n is achieved using 
DTMF signalling. The reader is provided with both 

50 DTMF transmitter and receiver. The transfer rate is 
normally 10 characters (10 x 4 bits) per second. The 
DTMF receiver is connected in parallel with the ordi- 
nary telecommunicatk)n traffic which means that it 
can receive data both from the user's telephone and 

55 from the telecommunicatbn network. 

Since DTMF signalling sets large limitatnns in 
the aiTKHjnt of data which can be transferred the read- 
er is also equipped with a tHjilt-ln iTKxJem. The modem 
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can handle communication according to CCITT V.21 
and V.23, resulting in a transfer rate ranging to 1200 
bps. This provides a greater flexibility with respect to 
the functions to be performed by the reader. 

The reader is also fitted with a number of light- 5 
emitting diodes (LED) in various colours, the func^ 
tions of which will be described below. 

The reader is constructed from low current con- 
sumption components but the nrK>st current consuni- 
ing component is the smart card. Since various cards io 
will be used no exact current consumption can be cal- 
culated. Additionally, the cards consume more cur- 
rent when they are written so that the current con- 
sumption varies with time. The current supply is pro- 
vided by a battery or a battery eliminator. With a 9 V is 
alkaline battery a continuous operation of the reader 
of approximately 3-4 hours is achieved. One of the 
above-mentioned light-emitting diodes indicates low 
battery voltage and need for change of battery. 

When a card is inserted into the reading unit of 20 
the reader the reader is started automatically. When 
the card is pulled out the reader is switched off. Since 
smart cards are depedent of current supply from the 
reader they will return to idle position when pulled out 
of the reader unit When the reader is started by in- 25 
sorting a card in the reader unit a yellow light-emitting 
diode is lighted. The reader tests the card to identify 
the type of smart card being used. If a card is accept- 
ed the yellow LED is switched off and the reader is 
ready for use. This means that the reader proceeds 30 
to listen for DTMF signals sent from the called system. 
If the reader does not recognize the card as anyone 
of the accepted types the card is of an unknown type 
or turned the/ wrong' way. Then a red LED is lighted 
and the reader waits for the card to being pulled out 35 
Ail calls to the reader wil then only give an error mes- 
sage as response. 

Using the keyboard the user can input data local- 
ly to the reader. The inputted information nnay then be 
used as data for a command to the card. The most 40 
conrvnon type of inputted infornnatnn Is a personal 
code which is to be tested in the card, but can also be 
another type of data, e.g. information to be encrypt- 
ed. None of the operatk)ns on the keyboard will be 
sent in clear text on the telephone I ine. The reader ac- 45 
cepts input from the keyt)oard after a cdmnr^nd from 
the called system. When this is at>out to happen a 
green LED is lighted to indicate that the data Is to be 
input The input is terminated with and the green 
LED is switched off. When the LED is switched off no so 
manipulatk)ns on the keyboard will either t>e stored or 
sent on the line. 

In a connected mode the reader listens continu- 
ously on the data in the form of DTMF signals or via 
the modem being sent from the called system. When ss 
a start character is detected the reader perceives this 
as a start of a command. The telecommunicatbn ap- 
paratus is then disconnected from the line and the 



reader goes to a command mode. The reader now col- 
lects all data through the signal indicating end of 
command. If there is a delay of more than one second 
between the vanous character the comnnand is con- 
sidered lost and the reader returns to search for the 
start character. When the whole command is received 
it will be decoded and performed. After the conrunand 
is performed the reader always sends back a re- 
sponse. Thereafter the telephone is again connected 
to the line and the reader returns to listening. How- 
ever, when the modem is connected the user will al- 
ways be disconnected from the line. From the mo- 
ment the reader has detected the start character until 
the reader has sent the whole response the yellow 
LED will be lighted. 

The reader always begins in DTMF mode, i.e. it 
listens for DTMF signals from the called system. By 
means of a command it is possible to change commu- 
nk^ation channel and instead connect the modem. 
Thus, there is a number of various operation modes: 
DTMF signalling and s^nalling with a nrKXiem with va- 
rious transfer rates. The operatk>n nrxxle of the mo- 
dem can be changed during ongoing modem traffic by 
means of a new command on the nrnxJem line. This 
enables e.g. a change between 1 200/75 bps as trans- 
mission rate. The response to the command wOl al- 
ways be issued on the communication channel on 
which the command was sent, DTMF or modem. The 
change of communicatton channel or operation mode 
of the nrK>dem will not occur until after the response 
has been transmitted. 

By sending a command the reader can be re- 
quested to accept data from the user via the key- 
tK>ard. The green LED is lighted to indicate that input 
is to be performed on the key-board. The input is ter- 
minated by the user depressing the character #. The 
green LED is switched off when the input is terminat- 
ed. The user has maximally 30 seconds to input data. 
If the input is not terminated within this time period in- 
stead an error code is returned. This command is nor- 
mally used to accept the personal code which is to be 
used for opening the card connected. 

A command may t>e sent directly to the card con- 
nected. The reader awaits a response from the card 
and then returns it The reader waits maximally 30 
seconds for a response. After thte time periodinstead 
an error code is returned. The reader only investh 
gates the length of the command as a controll that 
sufficient data has been transmitted. Besides this no 
check of the command is performed. It is the task of 
the calling system to see to it that the command fo^ 
lows the specif icatk)n of the connected card. 

If data has been inputted from the keyt>oard this 
may be sent to the connected card using a special 
command. The input data is stored in a buffer of the 
keyt>oard and is transmitted together with the com- 
mand to the card. Also in this case only the length of 
the data is checked in the keyboard buffer. The soft- 
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ware of the card reader is designed so that two read- 
ers can communicate with each other, and the reader 
Is provided with a serial port This serial port is used 
to deliver the result of the identification and the ex- 
change of encryption Iceys to the external unit In 
other words, the reader is not used to perform the en- 
cryption as such but only for the exchange of keys. 

The means should be capable of performing 
identification of both parties in a conrtmunication and 
should additionally genereate encryption keys ex- 
changed between the systems. Identities and en- 
cryptk>n keys are then delivered to the external ap- 
paratus for use. The external apparatus communi- 
cates with the card reader via an ordinary asynchron- 
ous serial port The card reader is controlled via this 
interface to perform kJentifk^ation. The kientity and 
the encrypt k>n key are also delivered here. The klen- 
tity ofthe user (the apparatus) is stored in smart card. 
This card is protected by a password which is de- 
dared using the keytx>ard of the card reader. The 
card is also used in calculating and testing the kien- 
tity. 

Every user gets a pair of keys, one open and one 
secret key in accordance with RSA (Rivest-Shamir- 
Adleman). These keys are then used for Mentif tcation 
and exchange of keys. According to RSAthe keys are 
preferably chosen in the n^nner betow. 

Every user selects himself two large prime num- 
bers p and q and calculates n=pq. From the range 
[max(p,q) + 1,n - 1] a new number d is chosen and 
thereafter the number e is calculated. These two new 
numbers are to be used together with n in encryption 
and decryptbn. d should be a prime numt>er and is 
selected according to certain criteria, wherein the se- 
lection has an miportance for the strength of the al- 
gorithm, e is calculated as e=inv(d,0(n)i') (t=totient 
functk>n). d and e then gives the two functions M=0' 
mod n and OM" mod n, where M is a plain message 
and C is the encrypted correspondence thereof. To- 
gether this means M = nKxi n = (M« mod n)^ mod 
n = mod n = ... = M, i.e. the two functions are in- 
verses of each other. This means that one key (func- 
tion) for encryptk)n and another for decryptk>n are 
used. This is usually called asymmetric encryption. 

The above two functbns may be denoted as 
andM=D(C), where E and D are the individ- 
ual users encryptk)n and decryption transformattons, 
respectively (or vice versa). E may be handed out, 
while D must be kept secret Both these transforma- 
tions (keys) are stored in the smart card of the user. 
Additk)nally, D is stored in a way which excludes 
copying. 

In additk>n, two system constants, a and q, are 
stored on the smart card, a is a random numt>er and 
q is a strong prime number (q = 2p + 1, where p is a 
prime number). These two constants are used in cal- 
culating the key of the secondary encryption (see be- 
low). 



Every user has a card reader certificate, a digital 
identification. This cert'rficate constets of four text 
fields, separated by semicolons. The entire certifi- 
cate is stored on the user's smart card. The four fields 
5 are: 

Identity: A string of any length consisting of al- 
pha-numeric characters. 

Public RSA key: This is in turn two fields, e and 
n (as mentioned above). These two fields are stored 
10 as long hexadecimal numbers, separated by a conD- 
nta. 

Validity date of certifteate : This ts a text field 
with the form yyyy-mm-dd. 

A signature of the above : A hexadecimal num- 

15 ber calculated as shown below. 

A user's certificate is signed at a certif k:ation au- 
thority possessing two own transfornDations Dg and 
Es, as shown above. Eg is generally known and re- 
sides in our case in the user's smart card. D, is ex- 

20 tremely secret, since D, is used to generate signa- 
tures for all cards. If sonieone other than the authority 
would use D, the whole reliability ofthe kientif ication 
is lost Therefore, Ds is stored in a special smart card 
and is protected by a password. can never be read, 

25 but can only be used by the proprietor of the pass- 
word. This protection is today the best allowed by 
technology. 

A user, e.g. A, regbters with the authority and re- 
ceives a signature Sa=D8 (MD(the user's certificate)). 

30 MD is a "Message Digest" functton compressing the 
field in the certificate (excluding the signature field) 
to a short number. This function ts used to limit the 
calculatton need of long (heavy) numbers. The signa- 
ture' received can then be verified by everybody 

35 knowing Eg and is a proof of authenticity for the user's 
kientity and public key. The signature is stored in the 
user's smart card together with the rest of the certif- 
icate. 

When the user A contacts user B they start with 

40 exchanging the respective identities, public keys as 
well as their signatures (certif teates). Then A tests 
whether B and Eb belong together by testing the sig- 
nature Sb, i.e. if ES (Sb)=MD (B's certificate). B does 
the same thing. In this way it is possible to learn if the 

45 claimed identity and the public key belong together. 

Aahd'B then sdect a randoni hurnber each which 
is transmitted in plain text The opposite party en- 
crypts this using its secret key, i.e. X=D(R), where R 
is the random number and X ts the result The result 

50 of the encryption is then re-transmitted, and the re- 
spective reader decrypts this with the public key of 
the other reader which was in the transmitted certif- 
icate. If the random number reappears after the de- 
cryptbn, one of the readers knows that the other 

55 reader ts the proprietor of the public key, which was 
in the certificate. Since the certificate has been prov- 
en to belong to the alleged kientity also the identity 
has now been verified. 
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The last step is exchanging the encryption keys. 
Each user generates a random number X and calcu- 
lates Y=ax mode q. a and q are two system constants 
and they are stored on the smart card. These Ys are 
exchanged t)etw66n the readers, and reader A now 
calculates K^Ye^mod q=(a^y«Amod q=a^^B'«Amod 
q. If B treats Ya in the corresponding way both A and 
B will now share the comn(K)n key K. This key is then 
used for encryption in a secondary encryptk>n. Since 
both parties have been involved in generating the key 
a disdosure of the keys of one party will not disclose 
K. In addition, byvaryingX for each session, twoses- 
sk>ns will never have the same key. 

The various public keys should be readily aval- 
able to all needing, e.g. to test a signature e.g. in a di- 
rectory. 

A problem with directories is the protection of the 
contents of the directory. If someone is able to manip- 
ulate the put>lic key and mislead those who utilize the 
directory to use the wrong key, this someone can act 
as rf he was someone else, e.g. mask himself. It is 
possible to protect the directory from this by the di- 
rectory being physically and logically protected 
against n>anipulatk>n. A secure communication chan- 
nel directory then provkJes an adequate protection 
against nrK>st invaders. 

However, a more elegant way is that the informa- 
tk>n in the directory in turn is signed by means of a 
digital signature. This is achieved by the individual re- 
cords being signed by a certif rcation authority, which 
can be viewed in the same way as the authorities is- 
suing ordinary identifications who in fact warrant the 
authenticity of the klentification. This authority 
should be responsible for tha-isecurity of the system. 

The above description of the directory function 
works excellently e.g. in a computer network or in 
other environments where the oommunicatnn is 
readily established. However, in many situations this 
is not possible. If e.g. two facsimDe apparatuses are 
about to kientrfy each other they must have direct ac- 
cess to the public keys of each other. One way to 
soke this is that the various systenr^ have the key di- 
rectories stored locally in a safe manner (e.g. in a 
smart card). The requirements on storage capacity 
nr^y however be too large, but at>ove all a problem 
arises when a new sy^em comes^ into existence- or - 
when some system changes key/identity. Then every 
local directory has to be updated which can be a time- 
consuming procedure, tn addition, there can be an in- 
terest in two systenr^ being able to conrvnunicate with 
each other without previous contact It should be suf- 
ficient that both are approved by a common certifica- 
tion authority for communk:ation with each other. 

The easiest way to solve this is letting the system 
exchanging their respective identities and the public 
keys with each other, s^ned by the common author- 
ity. Using this signature the various systems can 
check the authenticity of the identity of the others 



and the publto key, without either previous or imnnedi- 
ate contact with a third party. The important thing 
here is the possibility of a safe identifk:ation. As no 
third party is involved in the identification moment 
5 the identification procedure must be able to establish 
the identity with a 100 percent certainty of both par- 
ties. Every "n^asquerade" attempt should be made 
impossible. 

All types of smart cards offer the possibility of 

10 protecting data fields using a personal code. These 
data fields may only be used by the proper user, the 
smart card not allowing access to these fields without 
the user having presented the right code. By protect- 
ing the key of the user's secret transfer matton in a 

15 public key system in such a data field, it is possible 
to presume with high reliability the authenticity of 
messages calculated using this transformation. 

The problems associated with the atx>ve are 
mainly two. Partly, the equipment reading the key 

20 from the card or later handling it should not t>e able 
to be manipulated. In addition, this equipnwnt must 
have the calculation capacity required for calculate 
exponents and diviskins (nrKKjulo) of long numbers in 
an acceptable time. The first problem can be handled 

25 by the equipnrient being made secure or at least pro- 
tected by the user in the same way as he/she protects 
his/her card. As the personal codes of the card often 
are handled in dear text inside this equipment this Is 
another problem which has to be addressed. The cal- 

30 culation capacity may however be an even bigger 
prot>lem, since the protection of the equipment only 
can be guaranteed relatively dose to the card (in the 
card reader), where the calculatbn capacity often is 
limited. " 

35 One way to solve both problems simultaneously 
is to let the card as such take care of both the protec- 
tion of the key and the calculatk>ns. This is increas- 
ingly more common and today exists in at least two 
types of smart cards. However, dependent on the 

40 choice of identificatk>n method, other requirennents 
may be put on the smart card. 

To perform an identificatk>n and exchange of 
keys at least five calculations of the type a^ mod p are 
required. All five cakujlatk>ns are of the sanne type. In 

45 addition, this algorithm is built-in in at least two differ- 
, .^.w^. eht comnnercially available smart cards. However, the 
cards differ as to the abOity of calculating with gener- 
ally selected a, x and p. The most common RSA cal- 
culation is the one with the secret key (D), in which 

50 case a is d and p is n. In our case, this is only one of 
the five calculatk)ns. In the other cases both x and b 
are totally different numbers. 

Since the card reader is prograrruned to accept 
certain cards it is able to choose different methods of 

55 securing the identificatton. 

In the most preferred embodiment of the inven- 
tion the smart card calculates everything. In this type 
of card the secret part of the RSA key (e) is stored 
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safely. In addition, the nnodulo variable n is stored 
permanently on the card, so that the card efficiently 
can perform sfi mode n (E^) as nr>entioned atx>ve). Ad- 
ditionally, the card can be supplied with general argu- 
ments for the RSA algorithm. Since the card is espe- 
cially designed for calculating with RSA this is the 
fastest method seen overall. One can assume that 
one calculation takes maximally one second and. 
thus, the whole phase of identification and exchange 
of encryption keys (overhead excluded) will take 
maximally five seconds. 

If the card Is not capable of calculating using gen- 
eral arguments for the RSA algorithm the reader has 
to use its built-in algorithm for calculating everything 
else than EtQ. This means no deterioration to the se- 
curity, since precisely E(0 is the only thing critical 
from the security point of view. However, this means 
a reduced eff teiency. An RSA calculatk)n in the card 
reader takes approximately ten seconds. Since three 
of the five calculations in this case has to be per- 
formed by the reader the whole procedure will take 
approximately 35 seconds. 

If the card is not capable of calculating with RSA 
at all the reader must take care of all the calculations. 
The variables (n and p) normally stored permanently 
in the card are read as data stored on the card in this 
method. The reader reads these variables from the 
card in calculating EiQ. TTiis means a substantial de- 
terioratbn of the security, since the kJentity of the 
card can be manipulated in this way. The card and the 
data thereof are however still protected by the pass- 
word of the card. This is also the least efficient meth- 
od. The total procedure for identifteatk)n and ex- 
change of encryption key takes approximately 50 
seconds, which is experienced as annoyingly stow. 
The advantage is that any smart card can be used in 
this method. 

For the reader to be at>le to be used it has to be 
activated by inserting one's smart card in the reader. 
Using the keytx>ard the password is then inputted to 
the card, whk:h is opened. Thereafter the reader is 
ready to receive commands through the serial port or 
as DTMF signals on the telephone line. If a command 
enters through the serial port the reader wOl take the 
initiative for identification of the other reader. A conv 
^'^niahd firofn the telephone line is the result of. an initia- 
tive of the other reader. 

The card reader is provided with a serial port 
This serial port may be very simple and is capable of 
transmitting and receiving data in 9600 bps asynchro- 
nously, 8 data bits, no parity. 

The apparatus controls the reader to perform 
identification and generation of encryption keys. 
Since both operations occur simultaneously there is 
only one command for the apparatus to the reader. 
The reader transmits a status message to the appa- 
ratus simultaneously with the conrununication with 
the opposite reader and, after the identif icatbn and 



generation of encryption key, also the result 

Between the two readers comnminication is ac- 
complished by means of DTMF signalling and nnodem 
transmission. The DTMF signalling is used to gener- 

5 ate the initial contact The reader that takes the inh 
tiative transmits the DTMF sequence "A6G^. The 
other reader responds with the sequence "B66#", 
whereupon both readers are switched over to modem 
conrtmunicatk>n. In modem mode the identification 

10 and exchange of encryption keys will be performed. 
The reader who took the first initiative begins with 
transmitting in modem nnode. Thereafter, the readers 
are conrununicating alternatively with each other, un- 
til the entire procedure is performed. 

f5„ 

Claims 

1 . Means for kJentif ication and exchange of encryp- 
20 tion keys between two comnninicating appara- 
tuses for encrypted transmissions, characterized 
in that a reader for smart cards is connected to 
each communication apparatus, the required cal- 
culations being performed by the reader or the 

25 smart card using data stored on the smart card 

in a protected field with limited access. 

2. Means according to claim 1, characteroed in 
that all the calculatk>ns are performed by the 

30 smart card. 

3. Means according to daim 1 or 2, characterized 
in that the reader is connected to the communi- 

■■'^-"^ catk)n apparatus via an asynchronous serial port 

35 

4. Means according to daim 3, characterized in 
that the communication apparatus a facsimile 
apparatus or a telephone set 

40 5. Means according to any one of the preceding 
daims, characterized in that the comnminteation 
between the readers is achieved t)y means of 
dual-tone nmiltifrequency signalling and/or pdo- 
dem conrvnunication. 

45 

e^-^Means according^^to anycone of the preceding 
daims, characterized in that the card reader is 
connected to the telecommunication system in 
parallel with the telephone set, preferably by 
50 means of an InternDediate plug. 

7. Means according to any one of the preceding 
claims, characterized in that the card reader is 
integrated with the telephone set provided with a 

55 slot for inserting the card. 

8. Means according to any one of the preceding 
daims, characterized in that bklirectional conrv 
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munication in several steps occurs between the 
communication apparatuses. 
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